[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin - NO
It has been fixed upstream: http://www.openssh.com/txt/release-6.9 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/510732 Title: OpenSSH server sshd_config PermitRootLogin - NO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/510732/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin - NO
This one can probably be closed since the default is now PermitRootLogin without-password and that's close enough. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/510732 Title: OpenSSH server sshd_config PermitRootLogin - NO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/510732/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1462758] [NEW] Cannot scp between two remote hosts
Public bug reported: According to the manual page, scp should be able to copy between two remote hosts: scp user@host1:file1 user@host2:. However, it fails after asking for the password for the first host, even though the same file can be copied in two steps: $ scp xx.yy.zz.aa:*.csv xx.yy.zz.bb:. f...@xx.yy.zz.aa's password: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,password,keyboard-interactive). lost connection $ scp xx.yy.zz.aa:*.csv . f...@xx.yy.zz.aa's password: configuration_log.csv 100% 935 0.9KB/s 00:00 $ scp *.csv xx.yy.zz.bb:. f...@xx.yy.zz.bb's password: configuration_log.csv 100% 935 0.9KB/s 00:00 $ scp -v xx.yy.zz.aa:*.csv xx.yy.zz.bb:. Executing: /usr/bin/ssh '-x' '-oClearAllForwardings=yes' '-n' '-v' '--' 'xx.yy.zz.aa' 'scp -v' '*.csv' 'xx.yy.zz.bb:.' OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /home/foo/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to xx.yy.zz.aa [xx.yy.zz.aa] port 22. debug1: Connection established. debug1: identity file /home/foo/.ssh/id_rsa type -1 debug1: identity file /home/foo/.ssh/id_rsa-cert type -1 debug1: identity file /home/foo/.ssh/id_dsa type -1 debug1: identity file /home/foo/.ssh/id_dsa-cert type -1 debug1: identity file /home/foo/.ssh/id_ecdsa type -1 debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/foo/.ssh/id_ed25519 type -1 debug1: identity file /home/foo/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8 debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x0400 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-ctr hmac-sha1-...@openssh.com none debug1: kex: client-server aes128-ctr hmac-sha1-...@openssh.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 29:ad:e4:06:40:3a:bb:a2:d7:2c:b3:04:3c:ba:dc:9d debug1: Host 'xx.yy.zz.aa' is known and matches the ECDSA host key. debug1: Found key in /home/foo/.ssh/known_hosts:25 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/foo/.ssh/id_rsa debug1: Trying private key: /home/foo/.ssh/id_dsa debug1: Trying private key: /home/foo/.ssh/id_ecdsa debug1: Trying private key: /home/foo/.ssh/id_ed25519 debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password f...@xx.yy.zz.aa's password: debug1: Authentication succeeded (password). Authenticated to xx.yy.zz.aa ([xx.yy.zz.aa]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug1: client_input_global_request: rtype hostkeys...@openssh.com want_reply 0 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug1: Sending command: scp -v *.csv xx.yy.zz.bb:. Executing: program /usr/bin/ssh host xx.yy.zz.bb, user (unspecified), command scp -v -t . OpenSSH_6.8, LibreSSL 2.1 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to xx.yy.zz.bb [xx.yy.zz.bb] port 22. debug1: Connection established. debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_rsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/foo/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8 debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x0400 debug1:
[Bug 1303265] [NEW] unmet dependencies on i386
Public bug reported: The 4 and5 Apr i386 images won't install openssh-server due to unmet dependencies. http://iso.qa.ubuntu.com/qatracker/milestones/308/builds/66090/downloads $ sudo apt-get install openssh-server Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: openssh-server : Depends: openssh-client (= 1:6.5p1-6) but 1:6.6p1-2 is to be installed Recommends: ncurses-term but it is not going to be installed Recommends: ssh-import-id but it is not going to be installed E: Unable to correct problems, you have held broken packages. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: openssh-server (not installed) ProcVersionSignature: Ubuntu 3.13.0-23.45-generic 3.13.8 Uname: Linux 3.13.0-23-generic i686 ApportVersion: 2.14.1-0ubuntu1 Architecture: i386 Date: Sun Apr 6 11:31:41 2014 InstallationDate: Installed on 2014-04-06 (0 days ago) InstallationMedia: Lubuntu 14.04 LTS Trusty Tahr - Daily i386 (20140405) SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: openssh (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug i386 trusty -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1303265 Title: unmet dependencies on i386 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1303265/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1303265] Re: unmet dependencies on i386
trumpetti.atm.tut.fi AKA fi.archive.ubuntu.com is out of sync ** Changed in: openssh (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1303265 Title: unmet dependencies on i386 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1303265/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1173312] Re: screen : chmod /dev/pts/6: Operation not permitted
It seems fixed in trusty. Thanks. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to screen in Ubuntu. https://bugs.launchpad.net/bugs/1173312 Title: screen : chmod /dev/pts/6: Operation not permitted To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/screen/+bug/1173312/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1258546] Re: Apache2 defaults to the wrong character set, it should be UTF-8
I can do the Server system, too, but right now the steps I have followed to get the problem are: 1. install Ubuntu 12.04 desktop, or Lubuntu 14.04devel desktop (it occurs on both) 2. install Apache2, leaving default configuration settings 3. load an html page from the server in a browser (in 12.04 or 14.04devel) 4. check page info regarding Encoding Adding AddDefaultCharset utf-8 to the configuration file makes the problem go away. But could this be a problem with the browser anyway? $ wget -S http://xx.yy.zz.aa --2013-12-09 14:38:34-- http://xx.yy.zz.aa/ Connecting to xx.yy.zz.aa:80... connected. HTTP request sent, awaiting response... HTTP/1.1 200 OK Date: Mon, 09 Dec 2013 12:38:34 GMT Server: Apache/2.2.22 (Ubuntu) Last-Modified: Sat, 07 Dec 2013 14:39:28 GMT ETag: 222742-b1-4ecf2bae66f2c Accept-Ranges: bytes Content-Length: 177 Vary: Accept-Encoding Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Length: 177 [text/html] $ wget -S http://xx.yy.zz.bb --2013-12-09 14:39:46-- http://xx.yy.zz.bb/ Connecting to xx.yy.zz.bb:80... connected. HTTP request sent, awaiting response... HTTP/1.1 200 OK Date: Mon, 09 Dec 2013 12:39:46 GMT Server: Apache/2.4.6 (Ubuntu) Last-Modified: Mon, 25 Nov 2013 16:12:19 GMT ETag: b1-4ec02a0e06c9c Accept-Ranges: bytes Content-Length: 177 Vary: Accept-Encoding Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Length: 177 [text/html] -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1258546 Title: Apache2 defaults to the wrong character set, it should be UTF-8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1258546/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1258546] Re: Apache2 defaults to the wrong character set, it should be UTF-8
The one browser is Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0 HTTP_ACCEPT Headers : text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 gzip, deflate en,en-us;q=0.7,sv;q=0.3 The other is: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:25.0) Gecko/20100101 Firefox/25.0 HTTP_ACCEPT Headers : text/html, */* gzip, deflate en-US,en;q=0.5 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1258546 Title: Apache2 defaults to the wrong character set, it should be UTF-8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1258546/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1258546] Re: Apache2 defaults to the wrong character set, it should be UTF-8
I've done a fresh installation from the ubuntu-12.04.3-server-i386.iso image and installed Apache2. The Firefox web browser still shows that the pages being served are encoded in windows-1252 instead of UTF-8, which is what the locale is set to, or ISO-8859 which would be the old standard. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1258546 Title: Apache2 defaults to the wrong character set, it should be UTF-8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1258546/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1258546] Re: Apache2 defaults to the wrong character set, it should be UTF-8
If I serve a UTF-8 encoded file *AND* set the default myself in Apache, then everything is fine. If the default encoding is left alone, Apache serves it up as windows-1252 and then UTF-8 encoded letters come out as garbage like this: åäöÅÄÖéÉ As seen from the browser HTTP_ACCEPT Headers, it seems to be the web server making the choice. Apache has a defaut encoding. It should be a standard, UTF-8 or ISO-8859, having non-standard windows-1252 in the default configuration just makes a mess. It's easy to fix by AddDefaultCharset to the configuration. However, it would be great if Apache worked with non- English languages out of the box, especially when the locale is set so. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1258546 Title: Apache2 defaults to the wrong character set, it should be UTF-8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1258546/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1258546] Re: Apache2 defaults to the wrong character set, it should be UTF-8
If wget is not seeing the wrong encoding then it may be a problem with Firefox instead. However, the steps to reproduce are 1. install Ubuntu 12.04 desktop, or Lubuntu 14.04devel desktop (it occurs on both) 2. install Apache2, leaving default configuration settings 3. load an html page from the server in Firefox (in 12.04 or 14.04devel) 4. check page info regarding Encoding with ctrl-i -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1258546 Title: Apache2 defaults to the wrong character set, it should be UTF-8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1258546/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1258546] Re: Apache2 defaults to the wrong character set, it should be UTF-8
It looks like the problem is Firefox then. If no default is set, then it sends wget 'Content-Type: text/html'. If the default is set to utf-8, then it sends wget 'Content-Type: text/html; charset=utf-8' -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1258546 Title: Apache2 defaults to the wrong character set, it should be UTF-8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1258546/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1258546] [NEW] Apache2 defaults to the wrong character set, it should be UTF-8
Public bug reported: Apache2 by mistake defaults to windows-1252 instead of UTF-8. The system is now in UTF-8 or at worst ISO-8859. Apache2 should default to a standard character set, such as UTF-8 which is used in the rest of the system. $ set | grep -i utf LANG=en_US.UTF-8 ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: apache2 2.4.6-2ubuntu4 ProcVersionSignature: Ubuntu 3.12.0-5.13-generic 3.12.2 Uname: Linux 3.12.0-5-generic x86_64 Apache2ConfdDirListing: False ApportVersion: 2.12.7-0ubuntu1 Architecture: amd64 CurrentDesktop: LXDE Date: Fri Dec 6 16:59:29 2013 InstallationDate: Installed on 2013-11-19 (17 days ago) InstallationMedia: Lubuntu 14.04 Trusty Tahr - Alpha amd64+mac (20131118) SourcePackage: apache2 UpgradeStatus: No upgrade log present (probably fresh install) error.log: Error: [Errno 13] Permission denied: '/var/log/apache2/error.log' modified.conffile..etc.apache2.mods.available.mime.conf: [modified] modified.conffile..etc.apache2.sites.available.000.default.conf: [modified] mtime.conffile..etc.apache2.mods.available.mime.conf: 2013-12-06T14:35:32.967408 mtime.conffile..etc.apache2.sites.available.000.default.conf: 2013-12-06T14:40:35.305416 ** Affects: apache2 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug trusty -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1258546 Title: Apache2 defaults to the wrong character set, it should be UTF-8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1258546/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] Re: fancontrol should have debconf prompt to run pwmconfig
No change. It's still there in 13.10 and this version of fancontrol: $ apt-cache policy fancontrol fancontrol: Installed: 1:3.3.3-1ubuntu1 Candidate: 1:3.3.3-1ubuntu1 Version table: *** 1:3.3.3-1ubuntu1 0 500 http://fi.archive.ubuntu.com/ubuntu/ saucy/universe amd64 Packages 100 /var/lib/dpkg/status -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol should have debconf prompt to run pwmconfig To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1213459] [NEW] Kompozer HTML editor needs packaging
Public bug reported: The editor Kompozer has been provided by earlier releases of Ubuntu. Please package it for Saucy and Raring. http://www.kompozer.net/download.php ** Affects: kompozer (Ubuntu) Importance: Undecided Status: New ** Tags: needs-packaging ** Package changed: lm-sensors (Ubuntu) = kompozer (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/1213459 Title: Kompozer HTML editor needs packaging To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kompozer/+bug/1213459/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1067301] [NEW] ssh-add: Error reading response length from authentication socket.
Public bug reported: ssh-add seems not to work with the confirmation (-c) option. Trying to require that identities be subject to confirmation when used brings up the error Error reading response length from authentication socket. $ ssh-add -c /home/user/.ssh/key_rsa Enter passphrase for /home/user/.ssh/key_rsa: Error reading response length from authentication socket. Could not add identity: /home/user/.ssh/key_rsa Addding keys not subject to confirmation when used works as normal: $ ssh-add /home/user/.ssh/key_rsa Enter passphrase for /home/user/.ssh/key_rsa: Identity added: /home/user/.ssh/key_rsa (/home/user/.ssh/key_rsa) ProblemType: Bug DistroRelease: Ubuntu 12.10 Package: openssh-client 1:6.0p1-3ubuntu1 ProcVersionSignature: Ubuntu 3.5.0-17.28-generic 3.5.5 Uname: Linux 3.5.0-17-generic x86_64 ApportVersion: 2.6.1-0ubuntu3 Architecture: amd64 Date: Tue Oct 16 13:55:08 2012 InstallationMedia: Lubuntu 12.10 Quantal Quetzal - Release amd64+mac (20121015) ProcEnviron: TERM=xterm PATH=(custom, no user) XDG_RUNTIME_DIR=set LANG=en_US.UTF-8 SHELL=/bin/bash RelatedPackageVersions: ssh-askpass N/A libpam-sshN/A keychain N/A ssh-askpass-gnome N/A SSHClientVersion: OpenSSH_6.0p1 Debian-3ubuntu1, OpenSSL 1.0.1c 10 May 2012 SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: openssh (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug quantal -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1067301 Title: ssh-add: Error reading response length from authentication socket. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1067301/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1067301] Re: ssh-add: Error reading response length from authentication socket.
It then gives the error Agent admitted failure to sign using the key. $ eval `ssh-agent` Agent pid 9903 $ ssh-add -c /home/user/.ssh/key_rsa Enter passphrase for /home/user/.ssh/key_5501_rsa: Identity added: /home/user/.ssh/key_rsa (/home/user/.ssh/key_rsa) The user must confirm each use of the key $ ssh -i /home/lars/.ssh/key_rsa -l user XX.YY.ZZ.AA Agent admitted failure to sign using the key. Enter passphrase for key '/home/user/.ssh/key_rsa': -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1067301 Title: ssh-add: Error reading response length from authentication socket. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1067301/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1067301] Re: ssh-add: Error reading response length from authentication socket.
This is with a plain vanilla Quantal (Lubuntu) installation installed just today and have not changed the configurations on. So the settings used are default. SSH_ASKPASS is not getting set: $ echo $SSH_ASKPASS $ echo $DISPLAY :0 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1067301 Title: ssh-add: Error reading response length from authentication socket. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1067301/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1067301] Re: ssh-add: Error reading response length from authentication socket.
** Package changed: openssh (Ubuntu) = gnome-keyring (Ubuntu) ** Changed in: gnome-keyring (Ubuntu) Status: Invalid = New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1067301 Title: ssh-add: Error reading response length from authentication socket. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1067301/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1065101] [NEW] /etc/default/ssh not needed and can be removed
Public bug reported: Now that sshd is an upstart service, the file /etc/default/ssh is not needed and should be removed to avoid confusion. The settings are now made at the end of /etc/init/ssh.conf instead. ProblemType: Bug DistroRelease: Ubuntu 12.10 Package: openssh-server 1:6.0p1-3ubuntu1 ProcVersionSignature: Ubuntu 3.5.0-17.27-generic 3.5.5 Uname: Linux 3.5.0-17-generic x86_64 ApportVersion: 2.6.1-0ubuntu1 Architecture: amd64 Date: Wed Oct 10 18:19:03 2012 InstallationMedia: Lubuntu 12.10 Quantal Quetzal - Beta amd64+mac (20120926) SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.init.ssh.conf: 2012-09-29T20:38:16.945742 ** Affects: openssh (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug quantal -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1065101 Title: /etc/default/ssh not needed and can be removed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1065101/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] Re: fancontrol cannot read its own configuration file
Can there be a config file included in the default install that contains such a message? A pointer is needed to the solution somehow. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol cannot read its own configuration file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] Re: fancontrol should have debconf prompt to run pwmconfig
Could a post-install script ask to run pwmconfig and then run it if the answer is yes? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol should have debconf prompt to run pwmconfig To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 913379] [NEW] Migrate ntp from SystemV to Upstart
Public bug reported: If upstart is indeed where Ubuntu is heading then ntp ought to be migrated over to it before 12.04. Below is a guess at what /etc/init/ntp.conf could contain. Some other changes are needed for it to work properly. # ntp - Network Time Protoco client and server # # The Network Time Protocol client and server synchronizes # system clocks over the network description NTP server start on filesystem or runlevel [2345] stop on runlevel [!2345] respawn respawn limit 10 5 umask 022 pre-start script test -x /usr/sbin/ntpd || { stop; exit 0; } test -f /etc/ntp.conf || { stop; exit 0; } mkdir -p -m0755 /var/run/ntp end script exec /usr/sbin/ntpd ** Affects: ntp (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/913379 Title: Migrate ntp from SystemV to Upstart To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/913379/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 913515] [NEW] Migrate Apache2 from SystemV to Upstart
Public bug reported: If Upstart is indeed the way Ubuntu is moving then Apache2 should migrate from SystemV scripts to Upstart in time for the next LTS in 12.04. A configuration file is needed in /etc/init plus a few other changes. ** Affects: apache2 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/913515 Title: Migrate Apache2 from SystemV to Upstart To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/913515/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] Re: fancontrol cannot read its own configuration file
The problem is also present in Precise. $ lsb_release -rd Description:Ubuntu precise (development branch) Release:12.04 $ fancontrol Loading configuration from /etc/fancontrol ... Error: Can't read configuration file $ apt-cache policy fancontrol fancontrol: Installed: 1:3.3.0-4ubuntu1 Candidate: 1:3.3.0-4ubuntu1 Version table: *** 1:3.3.0-4ubuntu1 0 500 http://fi.archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages 100 /var/lib/dpkg/status -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol cannot read its own configuration file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] Re: fancontrol cannot read its own configuration file
Still present in Precise: $ lsb_release -rd Description:Ubuntu precise (development branch) Release:12.04 $ apt-cache policy fancontrol fancontrol: Installed: (none) Candidate: 1:3.3.0-4ubuntu1 Version table: 1:3.3.0-4ubuntu1 0 500 http://fi.archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol cannot read its own configuration file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] [NEW] fancontrol cannot read its own configuration file
Public bug reported: $ fancontrol Loading configuration from /etc/fancontrol ... Error: Can't read configuration file $ lsb_release -rd Description:Ubuntu 11.10 Release:11.10 ~$ apt-cache policy fancontrol fancontrol: Installed: 1:3.3.0-4ubuntu1 Candidate: 1:3.3.0-4ubuntu1 Version table: *** 1:3.3.0-4ubuntu1 0 500 http://fi.archive.ubuntu.com/ubuntu/ oneiric/universe i386 Packages 100 /var/lib/dpkg/status ** Affects: lm-sensors (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol cannot read its own configuration file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884173] [NEW] sensors returning a bogus temperature reading
Public bug reported: The value for Tm0P is bogus. If it is not a real sensor, then it should not be listed. If it is a real sensor, then it should show the real temperature, not a bogus value. $ sensors nouveau-pci-0200 Adapter: PCI adapter temp1:+73.0°C (high = +100.0°C, crit = +100.0°C) applesmc-isa-0300 Adapter: ISA adapter Master : 1493 RPM (min = 1500 RPM) TC0D: +49.5°C TC0H: +49.2°C TC0P: +48.2°C TH0P: +48.8°C TN0D: +72.8°C TN0P: +58.5°C TW0P: +56.8°C Tm0P:+128.0°C $ lsb_release -rd Description:Ubuntu 11.10 Release:11.10 ~$ apt-cache policy lm-sensors lm-sensors: Installed: 1:3.3.0-4ubuntu1 Candidate: 1:3.3.0-4ubuntu1 Version table: *** 1:3.3.0-4ubuntu1 0 500 http://fi.archive.ubuntu.com/ubuntu/ oneiric/universe i386 Packages 100 /var/lib/dpkg/status ** Affects: lm-sensors (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884173 Title: sensors returning a bogus temperature reading To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884173/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884173] Re: sensors returning a bogus temperature reading
** Attachment added: dmesg https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884173/+attachment/2580036/+files/dmesg -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884173 Title: sensors returning a bogus temperature reading To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884173/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] Re: fancontrol cannot read its own configuration file
It appears that the configuration file is missing. $ ls /etc/fancontrol ls: cannot access /etc/fancontrol: No such file or directory -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol cannot read its own configuration file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884177] Re: fancontrol cannot read its own configuration file
$ dpkg -L fancontrol /. /usr /usr/share /usr/share/doc /usr/share/doc/fancontrol /usr/share/doc/fancontrol/copyright /usr/share/doc/fancontrol/fancontrol.txt.gz /usr/share/doc/fancontrol/changelog.Debian.gz /usr/share/man /usr/share/man/man8 /usr/share/man/man8/fancontrol.8.gz /usr/share/man/man8/pwmconfig.8.gz /usr/sbin /usr/sbin/fancontrol /usr/sbin/pwmconfig /etc /etc/init.d /etc/init.d/fancontrol -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lm-sensors in Ubuntu. https://bugs.launchpad.net/bugs/884177 Title: fancontrol cannot read its own configuration file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lm-sensors/+bug/884177/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 854705] Re: dig returns 0 regardless of result of query
It's a work around but I'd still expect dig to return a non-zero number sometimes. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/854705 Title: dig returns 0 regardless of result of query To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/854705/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 854705] [NEW] dig returns 0 regardless of result of query
Public bug reported: /usr/bin/dig returns 0 regardless of whether the query was successful or not. It should return 0 instead if the query failed. ** Affects: bind9 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/854705 Title: dig returns 0 regardless of result of query To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/854705/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 854705] Re: dig returns 0 regardless of result of query
Sorry it should return 1 instead if the query failed. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/854705 Title: dig returns 0 regardless of result of query To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/854705/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 854705] Re: dig returns 0 regardless of result of query
I would expect dig to respond in this manner: dig +short www.google.com echo SUCCESS || echo FAILURE -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/854705 Title: dig returns 0 regardless of result of query To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/854705/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 782071] [NEW] Add current local time to configuration
Public bug reported: Binary package hint: ntp NTPd has four time severs in the ubuntu server pool. It might be good to add a few extra lines to the bottom of the servers list to provide your current local time as a default should the machine temporarly lose Internet connectivity: server 127.127.1.0 fudge 127.127.1.0 stratum 10 http://ubuntuforums.org/showthread.php?t=862620 ** Affects: ntp (Ubuntu) Importance: Undecided Status: New ** Tags: ntp -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/782071 Title: Add current local time to configuration -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin - NO
Don't argue about it. Just make the correction by setting it to No -- OpenSSH server sshd_config PermitRootLogin - NO https://bugs.launchpad.net/bugs/510732 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin - NO
Jamie, the various backup strategies that I have seen are all suited to using sudo. They all run a program or script which receives some arguments at run time. That includes rsync over ssh. Could you please be specific about which backup strategy is not able to work with sudo? Kees, yes, I see that it is not an new issue. However, there is no need to rationalize legacy settings. The closest to a real choice is between a small up front investment in knowledge or documentation about sudo versus a larger mess later on. In that way, the assertion of security XOR usability, appears to be a false dichotomy. Colin, this bug report is for Ubuntu, not Debian, OpenSSH portable team, or OpenBSD. The object is to address the relative weakness of Ubuntu servers in regards to bruteforce attacks against root accounts. Since upstream is mentioned, you probably have direct experience there. I would remind then that OpenSSH is developed as part of OpenBSD and that when installing OpenBSD, the default there during the basic installation is if a regular user is added is to turn off remote root login. So one compromise would be to add the same option to the Ubuntu server installation script. Most sub-distros do not have openssh-server by default, so this bug does not affect them, only AFAIK the Ubuntu server. -- OpenSSH server sshd_config PermitRootLogin - NO https://bugs.launchpad.net/bugs/510732 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin - NO
The default Ubuntu Server install does *not* have openssh-server installed. Ok, then that's a separate bug needing a separate bug report. Nearly all installations of the openssh-server package, I am guessing then, are on the Ubuntu Server or an alternate install tuned to be rather like the Ubuntu Server. Is there a way of getting the popularity contest data to examine package installation frequency and finding groupings or clusters of daemons commonly installed together? Mathias, did comment #2 answer your question about setting PermitRootLogin to NO as default would improve the default openssh-server installation? https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/510732/comments/2 -- OpenSSH server sshd_config PermitRootLogin - NO https://bugs.launchpad.net/bugs/510732 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 510732] [NEW] OpenSSH server sshd_config PermitRootLogin - NO
Public bug reported: Ubuntu does not use the root account directly so the PermitRootLogin directive in sshd_config should be set to no by default. This policy is backed by the upstream documentation: For security reasons, it is bad practice to log in as root during regular use and maintenance of the system. Instead, administrators are encour- aged to add a ``regular'' user, add said user to the ``wheel'' group, then use the su(1) and sudo(8) commands when root privileges are re- quired. This process is described in more detail later. From : http://www.openbsd.org/cgi-bin/man.cgi?query=afterboot Bruteforce attacks against the root account are now continual and have been for several years: http://arstechnica.com/security/news/2008/05/strong-passwords-no-panacea-as-ssh-brute-force-attacks-rise.ars If there are shortcomings in the the documentation and guides for sudo or how to use key-based autentication, then they should be addressed there so that this default setting can be set properly. Description:Ubuntu lucid (development branch) Release:10.04 openssh-server: Installed: 1:5.2p1-2ubuntu1 Candidate: 1:5.2p1-2ubuntu1 Version table: *** 1:5.2p1-2ubuntu1 0 500 http://fi.archive.ubuntu.com lucid/main Packages 100 /var/lib/dpkg/status ** Affects: openssh (Ubuntu) Importance: Undecided Status: New ** Tags: configuration permitrootlogin -- OpenSSH server sshd_config PermitRootLogin - NO https://bugs.launchpad.net/bugs/510732 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin - NO
Hmm. Wishlist is not the right category for a bug. Mathias, defaulting PermitRootLogin to no improves the layered process of 'security' for the default installation by adding another layer of protection and not relying on the hope that the root account will always remain disabled. Correcting the default setting for that directive adds an additional line of defense should the root account become activated, something which is easily done by accident, curiosity or misguided attempts at solving other problems. You can work that out for yourself. My own recent anecdotes show that, on the Ubuntu forums and when dealing with about 150 students (from 2006-2009) whom I guided in laboratory exercises involving Ubuntu, root accounts do get activated. You can go to the page at the first link above to the people who write OpenSSH and read what they recommend: defaulting PermitRootLogin to no. Does that answer your question? See also http://wiki.centos.org/HowTos/Network/SecuringSSH#head- 9c01429983dccbf74ade8674815980dc6434d3ba https://calomel.org/openssh.html http://www.linux.com/archive/feature/119744/ -- OpenSSH server sshd_config PermitRootLogin - NO https://bugs.launchpad.net/bugs/510732 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 510732] Re: OpenSSH server sshd_config PermitRootLogin - NO
Thank you for the cheezburger link, Kees. From it, I am starting to understand more about how decisions are made in the Ubuntu project and the authoritative resources drawn upon to help make informed decisions. Anyhow, those that somehow get the impression that they want to log in as root can always set the PermitRootLogin directive in /etc/sshd_config from 'no' to 'yes' What use-case is there for remote root login that cannot already be met by a tuned sudoers? Use of sudo allows further compartmentalization of access and privilege. Layering security defenses in an application can reduce the chance of a successful attack... so that if one layer of defense turns out to be inadequate, another layer of defense will hopefully prevent a full breach. https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/principles/347-BSI.html -- OpenSSH server sshd_config PermitRootLogin - NO https://bugs.launchpad.net/bugs/510732 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 456381] Re: /etc/init.d/apache2 missing option to stop gracefully
Chuck, what information do you think is missing? -- /etc/init.d/apache2 missing option to stop gracefully https://bugs.launchpad.net/bugs/456381 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 456381] Re: /etc/init.d/apache2 missing option to stop gracefully
$ apt-cache policy apache2 apache2: Installed: 2.2.12-1ubuntu2 Candidate: 2.2.12-1ubuntu2 Version table: *** 2.2.12-1ubuntu2 0 500 http://fi.archive.ubuntu.com karmic/main Packages 100 /var/lib/dpkg/status $ lsb_release -rd Description:Ubuntu 9.10 Release:9.10 -- /etc/init.d/apache2 missing option to stop gracefully https://bugs.launchpad.net/bugs/456381 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 237391] manpage correction
@Colin: Ok. I see enough guessing in the postings here, including mine, that expert advice is needed. Where can we find an authoritative statement from People Who Have Better Real Cryptographer Credentials as to a 'best practice' for key type and key size? The manpage at least should provide a concise summary of best practices or point the way to an authoritative document. -- ssh-keygen should default to dsa not rsa https://bugs.launchpad.net/bugs/237391 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 237391] [NEW] ssh-keygen should default to dsa not rsa
Public bug reported: Binary package hint: openssh-client Currently ssh-keygen generates RSA keys by default. It's probably time for these to be depreciated in favor of DSA keys. ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- ssh-keygen should default to dsa not rsa https://bugs.launchpad.net/bugs/237391 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 237391] New connections not made that often
@Neal: That's a valid critique of debian's SSL implementation not related to DSA vs RSA. DSA is faster for signing and RSA is faster for verification. http://neubia.com/archives/000191.html ftp://ftp.rfc-editor.org/in-notes/rfc2536.txt http://home.pacbell.net/tpanero/crypto/dsa.html RSA is weaker than a DSA key of the same length, so to get the same effect, one must use a longer key. I'm not sure that the neubia link above takes that into account. So if the default stays as RSA, it might be an idea to increase the default RSA key length. These are signature algorithms anyway and only used at the beginning anyway. After the client and server authenticate, the rest is done with ciphers like Blowfish or IDEA. So for SSH it's not a problem to use DSA at all, new connections are not made that often. -- ssh-keygen should default to dsa not rsa https://bugs.launchpad.net/bugs/237391 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs